Commit 3a4dca8a authored by Stephane Glondu's avatar Stephane Glondu

Move trustee-related code to its own module

parent f8818637
......@@ -56,48 +56,6 @@ module MakeSimpleMonad (G : GROUP) = struct
let cardinal () = List.length !ballots
end
(** Distributed key generation *)
module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct
open G
open M
let ( >>= ) = bind
let ( / ) x y = x *~ invert y
(** Fiat-Shamir non-interactive zero-knowledge proofs of
knowledge *)
let fs_prove gs x oracle =
random q >>= fun w ->
let commitments = Array.map (fun g -> g **~ w) gs in
let challenge = oracle commitments in
let response = Z.((w + x * challenge) mod q) in
return {challenge; response}
let generate_and_prove () =
random q >>= fun x ->
let trustee_public_key = g **~ x in
let zkp = "pok|" ^ G.to_string trustee_public_key ^ "|" in
fs_prove [| g |] x (G.hash zkp) >>= fun trustee_pok ->
return (x, {trustee_pok; trustee_public_key})
let check {trustee_pok; trustee_public_key = y} =
G.check y &&
let {challenge; response} = trustee_pok in
check_modulo q challenge &&
check_modulo q response &&
let commitment = g **~ response / (y **~ challenge) in
let zkp = "pok|" ^ G.to_string y ^ "|" in
Z.(challenge =% G.hash zkp [| commitment |])
let combine pks =
Array.fold_left (fun y {trustee_public_key; _} ->
y *~ trustee_public_key
) G.one pks
end
(** Homomorphic elections *)
module MakeElection (G : GROUP) (M : RANDOM) = struct
......
......@@ -51,28 +51,6 @@ module MakeSimpleMonad (G : GROUP) : sig
end
(** Simple election monad that keeps all ballots in memory. *)
module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig
(** This module implements a simple distributed key generation. Each
share is a number modulo q, and the secret key is their sum. All
shares are needed to decrypt, but the decryptions can be done in
a distributed fashion. *)
val generate_and_prove :
unit -> (Z.t * G.t trustee_public_key) M.t
(** [generate_and_prove ()] returns a new keypair [(x, y)]. [x] is
the secret exponent, [y] contains the public key and a
zero-knowledge proof of knowledge of [x]. *)
val check : G.t trustee_public_key -> bool
(** Check a public key and its proof. *)
val combine : G.t trustee_public_key array -> G.t
(** Combine all public key shares into an election public key. *)
end
(** Simple distributed generation of an election public key. *)
module MakeElection (G : GROUP) (M : RANDOM) :
ELECTION with type elt = G.t and type 'a m = 'a M.t
(** Implementation of {!Signatures.ELECTION}. *)
......@@ -6,5 +6,6 @@ Serializable_j
Common
Group_field
Group
Trustees
Election
Credential
(**************************************************************************)
(* BELENIOS *)
(* *)
(* Copyright © 2012-2017 Inria *)
(* *)
(* This program is free software: you can redistribute it and/or modify *)
(* it under the terms of the GNU Affero General Public License as *)
(* published by the Free Software Foundation, either version 3 of the *)
(* License, or (at your option) any later version, with the additional *)
(* exemption that compiling, linking, and/or using OpenSSL is allowed. *)
(* *)
(* This program is distributed in the hope that it will be useful, but *)
(* WITHOUT ANY WARRANTY; without even the implied warranty of *)
(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *)
(* Affero General Public License for more details. *)
(* *)
(* You should have received a copy of the GNU Affero General Public *)
(* License along with this program. If not, see *)
(* <http://www.gnu.org/licenses/>. *)
(**************************************************************************)
open Platform
open Serializable_t
open Signatures
open Common
(** Helper functions *)
let check_modulo p x = Z.(geq x zero && lt x p)
(** Distributed key generation *)
module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) = struct
open G
open M
let ( >>= ) = bind
let ( / ) x y = x *~ invert y
(** Fiat-Shamir non-interactive zero-knowledge proofs of
knowledge *)
let fs_prove gs x oracle =
random q >>= fun w ->
let commitments = Array.map (fun g -> g **~ w) gs in
let challenge = oracle commitments in
let response = Z.((w + x * challenge) mod q) in
return {challenge; response}
let generate_and_prove () =
random q >>= fun x ->
let trustee_public_key = g **~ x in
let zkp = "pok|" ^ G.to_string trustee_public_key ^ "|" in
fs_prove [| g |] x (G.hash zkp) >>= fun trustee_pok ->
return (x, {trustee_pok; trustee_public_key})
let check {trustee_pok; trustee_public_key = y} =
G.check y &&
let {challenge; response} = trustee_pok in
check_modulo q challenge &&
check_modulo q response &&
let commitment = g **~ response / (y **~ challenge) in
let zkp = "pok|" ^ G.to_string y ^ "|" in
Z.(challenge =% G.hash zkp [| commitment |])
let combine pks =
Array.fold_left (fun y {trustee_public_key; _} ->
y *~ trustee_public_key
) G.one pks
end
(**************************************************************************)
(* BELENIOS *)
(* *)
(* Copyright © 2012-2017 Inria *)
(* *)
(* This program is free software: you can redistribute it and/or modify *)
(* it under the terms of the GNU Affero General Public License as *)
(* published by the Free Software Foundation, either version 3 of the *)
(* License, or (at your option) any later version, with the additional *)
(* exemption that compiling, linking, and/or using OpenSSL is allowed. *)
(* *)
(* This program is distributed in the hope that it will be useful, but *)
(* WITHOUT ANY WARRANTY; without even the implied warranty of *)
(* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU *)
(* Affero General Public License for more details. *)
(* *)
(* You should have received a copy of the GNU Affero General Public *)
(* License along with this program. If not, see *)
(* <http://www.gnu.org/licenses/>. *)
(**************************************************************************)
open Platform
open Serializable_t
open Signatures
module MakeSimpleDistKeyGen (G : GROUP) (M : RANDOM) : sig
(** This module implements a simple distributed key generation. Each
share is a number modulo q, and the secret key is their sum. All
shares are needed to decrypt, but the decryptions can be done in
a distributed fashion. *)
val generate_and_prove :
unit -> (Z.t * G.t trustee_public_key) M.t
(** [generate_and_prove ()] returns a new keypair [(x, y)]. [x] is
the secret exponent, [y] contains the public key and a
zero-knowledge proof of knowledge of [x]. *)
val check : G.t trustee_public_key -> bool
(** Check a public key and its proof. *)
val combine : G.t trustee_public_key array -> G.t
(** Combine all public key shares into an election public key. *)
end
(** Simple distributed generation of an election public key. *)
......@@ -62,7 +62,7 @@ module Make (P : PARSED_PARAMS) : S = struct
(* Load and check trustee keys, if present *)
module KG = Election.MakeSimpleDistKeyGen(G)(M);;
module KG = Trustees.MakeSimpleDistKeyGen(G)(M);;
let public_keys_with_pok =
get_public_keys () |> option_map @@
......
......@@ -66,7 +66,7 @@ module Make (P : PARSED_PARAMS) : S = struct
(* Setup trustees *)
module KG = Election.MakeSimpleDistKeyGen(G)(M);;
module KG = Trustees.MakeSimpleDistKeyGen(G)(M);;
let public_keys =
match get_public_keys () with
......
......@@ -53,7 +53,7 @@ module Make (P : PARSED_PARAMS) : S = struct
(* Generate key *)
module KG = Election.MakeSimpleDistKeyGen(G)(M);;
module KG = Trustees.MakeSimpleDistKeyGen(G)(M);;
type keypair = { id : string; priv : string; pub : string }
......
......@@ -101,7 +101,7 @@ let verifydiff dir1 dir2 =
let open ED in
let module M = Election.MakeSimpleMonad (G) in
let module E = Election.MakeElection (G) (M) in
let module KG = Election.MakeSimpleDistKeyGen (G) (M) in
let module KG = Trustees.MakeSimpleDistKeyGen (G) (M) in
let pks = match pks with
| None -> raise (VerifydiffError MissingPublicKeys)
| Some pks -> List.map (trustee_public_key_of_string G.read) pks
......
......@@ -6,6 +6,7 @@ Serializable_j
Common
Group_field
Group
Trustees
Election
Credential
......
......@@ -106,7 +106,7 @@ let finalize_election uuid se =
(* trustees *)
let group = Group.of_string se.se_group in
let module G = (val group : GROUP) in
let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
let module KG = Trustees.MakeSimpleDistKeyGen (G) (LwtRandom) in
let%lwt trustees, public_keys, private_key =
match se.se_public_keys with
| [] ->
......@@ -851,7 +851,7 @@ let () =
let t = List.find (fun x -> token = x.st_token) se.se_public_keys in
let module G = (val Group.of_string se.se_group : GROUP) in
let pk = trustee_public_key_of_string G.read public_key in
let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
let module KG = Trustees.MakeSimpleDistKeyGen (G) (LwtRandom) in
if not (KG.check pk) then failwith "invalid public key";
(* we keep pk as a string because of G.t *)
t.st_public_key <- public_key;
......@@ -969,7 +969,7 @@ let () =
let () =
(* check that imported keys are valid *)
let module G = (val Group.of_string se.se_group : GROUP) in
let module KG = Election.MakeSimpleDistKeyGen (G) (LwtRandom) in
let module KG = Trustees.MakeSimpleDistKeyGen (G) (LwtRandom) in
if not @@ List.for_all (fun t ->
let pk = t.st_public_key in
let pk = trustee_public_key_of_string G.read pk in
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment